Manualshelf

HP-UX Host Intrusion Detection System Release 4.1 Release Notes for HP-UX 11i v1 | HP-UX 11i v2 | HP-UX 11i v3

ManualsBrandsHP ManualsSoftwareHP-UX Host Intrusion Detection System Software
21222324252627282930
are no longer being dropped, respectively. For more information see Appendix E, “The
Agent Configuration File,” in the Host Intrusion Detection System Administrator’s Guide.
The System Manager on PA-RISC 1.1 Systems
The System Manager should be run with J2SE 5.0 (aka Java 1.5.x). For PA-RISC 1.1
systems, however, Java 1.5.x is not supported; therefore, the System Manager can only
be run with Java 1.4.x on PA-RISC 1.1 systems. For the most part, the System Manager
will behave correctly using Java 1.4.x but with some limitations, and can generate
numerous warnings or errors in /var/opt/ids/gui/logs/Trace.log and
/var/opt/ids/gui/guiError.log that may result in very large files that can a
consume a considerable amount of disk space.
Time Units Cannot be Specified for Template Properties in Schedule Manager
In the Schedule Managers template property editing windows, you can not specify
time unit (For example, s = seconds, m = minutes, d = days, w = weeks) for template
property time values. Some time-related template properties are interpreted as being
in seconds (example, the fail_interval and warning_interval properties for
the Repeated Failed Logins template), while other properties are interpreted as being
in minutes (for example, the fail_interval property for the Repeated Failed su
commands template).
Schedules that Contain Username Template Values Cannot be run by Release 3.x Agents
Starting with HIDS 4.0, user names and user IDs can be specified for user template
properties such as users_to_monitor and priv_user_list. HIDS v3.x supports
only user IDs values for these user template properties, therefore schedules that contain
user names instead of user IDs cannot be run by v3.x agents. The schedules should
only specify user IDs values for these user template properties if they are to be run by
both v3.x and v4.0 (or later) agents.
Error Log File Rotation
When you rotate an agent’s error log file (default location is
/var/opt/ids/error.log), the idsagent process must be restarted by sending it a
HUP signal in order for all new errors to appear in a newly created error log file.
Defect Fixes and Enhancements in HIDS Release 4.1
HIDS Release 4.1 includes the following defect fixes and enhancements:
Earlier versions of HIDS do not allow administrators to use the # character when
specifying a file pathname because the HIDS schedule parser treats # as a comment
character, even if it is escaped with a backslash (i.e., \#). Starting with HIDS Release
26 Announcement